Information Security Officer (Cybersecurity)

TL;DR

Information Security Officer (Cybersecurity): Development, implementation, and continuous improvement of the Information Security Management System (ISMS) with an accent on governance and operational practice. Focus on translating security strategy into actionable policies, managing risk exposure, and ensuring compliance with ISO 27001 and NIS2.

Location: Based in Alkmaar, with the option to work from home up to one day per week. Regular travel to the Amsterdam office is required.

Company

A specialized IT and security firm focused on protecting client data in a rapidly evolving digital landscape.

What you will do

• Develop, implement, and continuously improve the Information Security Management System (ISMS).
• Lead and execute internal audits and vulnerability assessments.
• Maintain security policies, standards, and procedures to ensure operational embedding.
• Advise operational and tactical management on risk exposure and improvement initiatives.
• Monitor and report on compliance with ISO 27001, NIS2, and other applicable standards.
• Design and deliver security awareness programs and training across the organization.

Requirements

• Bachelor's degree (HBO) or higher in IT, Security, or equivalent professional experience.
• Several years of experience in ICT and/or security auditing.
• Solid working knowledge of ISO 27001, NIS2, NIST, SOC1, and SOC2 frameworks.
• Relevant certifications (or actively pursuing), such as CISSP, CISM, or CISA.
• Fluent in English and Dutch.
• Based in Alkmaar with the ability to travel regularly to Amsterdam.

Nice to have

• Familiarity with project management methodologies such as PRINCE2 or Agile.

Culture & Benefits

• Collaborate within a small, focused security team of three.
• Hybrid work model allowing up to one day of remote work per week.
• Opportunity to take ownership of the ISMS and drive meaningful security improvements.